How Kaspersky Lab is Helping Organizations Protect Their Digital Assets Through Research, Expertise, and Educational Events

TL; DR: Kaspersky Lab, a next-generation online security organization with more than 21 years of experience, uses its intelligence and security expertise to protect businesses, governments, and consumers worldwide. The company’s research-based security solutions provide prevention or early detection of all forms of digital threats. With a continued investment in threat training and educational events, such as its Security Analyst Summit, Kaspersky Lab is committed to helping more than 400 million users protect their valuable online assets.

It’s no secret that online criminals have terrorized businesses, corporate entities, government agencies, and consumers in recent years. Unfortunately, in terms of breach-associated costs, the scene is becoming progressively gloomier.

According to a 2018 study, the average global cost of a data breach has increased to $1.23 million for enterpriss, and $120,000 for SMBs. Consumers and organizations are right to be alarmed as recent breaches — bearing formidable names like WannaCry and Black Energy — threaten to bring financial and reputational ruin upon consumers and organizations.

That’s where Kaspersky Lab’s antivirus and internet security software comes in. Based on deep threat intelligence and more than 21 years of security expertise, the company’s comprehensive security portfolio effectively fights sophisticated and evolving online threats, detecting 360,000 new malicious files every day.

Research is the lifeblood of Kaspersky Lab. “Kaspersky Lab’s Global Research & Analysis Team (GReAT), a group of 40+ anti-malware researchers located in 18 countries around the globe, tracks malicious activity with an emphasis on targeted attacks, including nation-state threat actors and campaigns,” said Rob Cataldo, VP of Enterprise Sales at Kaspersky Lab USA.

When Kaspersky Lab provides training to a security team to help them be more efficient, that training comes from the company’s threat-hunting researchers themselves. “We’re focused on delivering unique world-class threat intelligence; bringing security operations efficiencies that are approved through training from practitioners of the security operations’ functions,” Rob said.

The approach varies wildly from the theoretical training you’d receive from an educational institute, and Rob believes that helps Kaspersky Lab gain a competitive edge. “The cornerstone of the enterprise business strategy will be to provide advanced products and services to help mitigate risks associated with those targeted threats and attacks,” he said.

The company’s extensive security portfolio includes next-generation endpoint protection and security solutions designed to mitigate all forms of digital threats. In addition, its research and educational events, such as its Security Analyst Summit, provide an exclusive learning atmosphere for threat hunters and businesses alike. With an ongoing commitment to developing cutting-edge, research-based security solutions, Kaspersky Lab is protecting 400 million users and 270,000 corporate clients across the globe from online criminals.

Kaspersky Lab is laser-focused on emerging online security trends, including new strains of ransomware. The WannaCry ransomware cryptworm, for example, targeted computers running Windows by encrypting data and demanding users pay ransom in Bitcoin to regain access to their data. Sophisticated, state-sponsored threats, often originating in the Middle East, are also emerging in increasingly destructive forms of wiper malware, such as Shamoon, Black Energy, Destover, NotPetya, and Olympic Destroyer.

“NotPetya, which was really the first widespread wiper attack, was interesting because typically, cybercriminals act for financial profit,” Rob said. “Here, we saw an instance where someone created a threat designed purely to damage, destroy, and disrupt, which harkens back to the early digital graffiti era where there were a lot of script kiddies in their basements designing threats for notoriety.”

Kaspersky Lab is quick to adapt to these threats, even in their infancy. “By and large, our customers have been very well-prepared to deal with these threats, even when the threats were in an unknown state,” Rob said. “That’s mainly attributable to the underlying advanced threat protection that we use in most of our anti-malware solutions.”

In simplistic terms, the solutions allow Kaspersky Lab to identify anomalous processes and stop them in their tracks — even if there’s a partial infection. “So if something is encrypting someone’s personal files on their machine, in a lot of cases we’re able to roll back the effects of that, decrypt those files that were affected, and allow the users to keep working,” Rob said.

Of course, Kaspersky Lab continually introduces new technologies and adjusts solution sets based on emerging threats. For example, the company enhanced its Kaspersky Security for Windows Server application with new Anti-Cryptor technology designed to prevent malware from launching and spreading on high-performance corporate services. “If a crypto-ransomware attack attempts to propagate over to a file share, we’ll stop that traffic from occurring, thereby protecting the rest of the organization from the lateral movement of the threat,” Rob said.

Rob said companies, consumers, and security experts now face a bevy of online security challenges, from general inefficiencies in security operations to a global shortage of skilled cyber talent. Aside from its robust security solutions, Kaspersky Lab serves its client base through value-packed industry events, such as its Security Analyst Summit, which will be held April 8-11, 2019, in Singapore. “This event delves in the research and engineering arm of what we do,” Rob said. “It’s an esoteric, exclusive atmosphere for learning.”

The annual event, in its 11th year, attracts the world’s top malware researchers, global law enforcement agencies, and computer emergency response teams — as well as senior executives in a range of industry sectors, including financial services, technology, healthcare, and education. Event sessions, which encourage debate and information sharing, feature hand-selected presenters who share cutting-edge research, technologies, and ideas for improving collaboration in the global fight against security threats.

“It’s an impressive display of knowledge,” Rob said. “Some of the tracks require advanced knowledge in threat hunting, while others are business sessions for C-level executives who want to learn more about threat intelligence and the research that our team is helping with. It’s evolved quite a bit over the years to include more relevant curricula for the different attendee types.”

As a whole, the event benefits an audience focused on research, whether they’re high-level security professionals or customers interested in the latest threat intelligence solutions the company delivers. “If there’s been a recent discovery of a new advanced threat that could put anyone in harm’s way, we’ll have our global research team announce what they’ve discovered and share relevant details,” Rob said.

Kaspersky Lab’s more than two decades of online security experience help the company deliver reliable cybersecurity solutions for the prevention or early detection of all forms of digital threats. As an organization, Kaspersky Lab is highly engineering-driven: Out of its 3,700 employees, a third focus entirely on research and development. This allows the company to maintain an organic development model.

“We create all of our solutions from scratch, which makes them adaptable as we introduce complementary or adjunct functionalities that augment the existing capabilities of our core products,” Rob said. “They’re part of the same engineering fabric.”

Rob said the company draws its value from three fundamental strengths: Large-scale data accumulation, machine learning, and human expertise. “There’s a massive amount of threat data that we’ve collected,” Rob said. “Every node, if you will, that’s protected by Kaspersky Lab is essentially a sensor, and they are transmitting massive amounts of anonymous metadata for threat information back to our security cloud, which is then ingested by those machine learning components.”

The fact that Kaspersky Lab has been in business as a global entity since 1997 means that the company processes information from threat hot spots all over the world, including Southeast Asia, Korea, Saudi Arabia, the Middle East, and Russia. That data, over time, sharpen the algorithms used in machine learning, which translates into faster and more accurate verdicts.

The company’s strength in human expertise is also a product of its industry longevity. “Through GReAT, we’ve organized a group of research experts who hunt for threats all day long,” Rob said. “There are arguably only 1,000 people of this caliber who exist today, and 40+ of them work for us.”

Rob said the team discovers, on average, between 90 and 100 advanced, persistent threats per year. “By and large, these are state-sponsored type threats, and we share that information responsibly with global law enforcement agencies, as well as our customers, who pay to better arm themselves against the techniques of modern day threat actors,” he said.

Kaspersky Labs’s services have been recognized by multiple awards and independent tests from professional organizations and publications, including the Gartner Peer Insights Customers’ Choice award.

“Gartner runs a program where they go out and ask customers who use different technologies to submit a review of particular products,” Rob said. “For two years running, based on the feedback of our customers, we’ve been chosen. Overall, it’s really about being reliable through effective prevention and detection: People invest in security because they expect you to keep them out of harm’s way.”

In terms of ongoing product development, Kaspersky Lab leans heavily on research, customer feedback, and the market itself to stay one step ahead of both malicious hackers and potential competition. “We have to keep our ear to the ground and listen to our customers,” Rob said. “They expect transparency because we’re the company they’re trusting to protect their crown jewels against cyber actors.”

Last year, Kaspersky introduced its hybrid cloud security offering at the RSA Conference 2018 in San Francisco, which gives customers the ability to protect their digital assets, wherever they may be. “It allows them to have a very heterogeneous environment with assets in all different flavors of their infrastructure, and protect it with one solution that’s centrally orchestrated from one point,” Rob said.

Kaspersky Security for Microsoft Office 365, one of the company’s most recent releases, is a new Security-as-a-Service offering powered by machine learning and real-time cloud-based threat intelligence to enhance protection for Microsoft Exchange. The offering provides next-generation detection technology that is simple to configure, with native integration and enhanced protection against online threats.

“Now, we can route your cloud-based email traffic through Microsoft Office 365 into a solution that will scan it for malware and spam,” Rob said. “It adds a layer of protection for that form factor.”